Bugscale

Check out our first blog post about V8 CVE-2024-12695: bugscale.ch/blog/dissectin…

Our second blog post is out here: bugscale.ch/blog/here-we-g… ! We managed to install arbitrary APKs on the Samsung Galaxy S25 from an app without install permissions. For this, @SachaKozma did most of the work, but it was great looking into Samsung's cloud gaming component with him

With @Hacker_Chai we just published our second blog post on Samsung security research! This one is about a local arbitrary APK install in Galaxy Store, combining a few vulns like a broken signature check, a file write, etc. Check it out here: bugscale.ch/blog/here-we-g…

If you missed the talk at @1ns0mn1h4ck , our latest blog post is now available for you to explore. In this post, researchers @Hacker_Chai and @SachaKozma detail their journey to a 1-click RCE exploit on the Samsung S25 phone. Check it out here: bugscale.ch/blog/shoot-for…

Our researchers @SachaKozma & @Hacker_Chai are taking the stage at @1ns0mn1h4ck today! 📍 Campus Auditorium B at 13:30 🎯 Shoot for the Galaxies: Our Samsung S25 1-click RCE Journey If you're into mobile attack surface research, this one's not to miss! #INSO2026 #insomnihack

Proud to have published the first ever report to qualify for Samsung's Important Scenario Vulnerability Programme (ISVP)! @SachaKozma @bugscale security.samsungmobile.com/securityPostDe…

🐞 Bugscale is thrilled to be sponsoring Hexacon again and we look forward to seeing everyone in Paris! Thank you @bugscale for your continued support 🙏

Here is a new blog post, where I wrote about (some of) my recent work with angr, including: - Adding support for Windows debug symbols - Collecting and visualizing real-time coverage - Improving debugging workflows plowsec.github.io/angr-introspec…

We're #hiring ! You can check out the job desc on our website: bugscale.ch/careers/ or you can also apply on LinkedIn: linkedin.com/jobs/view/3601…

Highlights from #Pwn2Own Toronto Day 2: Team Bugscale vs the #HP printer

Ph0wn is brought free to you thanks to our sponsors. We warmly thank our bronze sponsors :)

In the first SOHO SMASHUP of the day, we have a unique + a known bug! #Pwn2Own #P2OToronto

🔥 We are thrilled to announce our first sponsor! 🙏 Thank you @bugscale for helping us make this highly technical conference possible 🐞 To find out more about Bugscale: ➡️ bugscale.ch hexacon.fr/sponsors/ #HEXACON2022

[TALK ANNOUNCEMENT] Automatically extracting static anti-virus signatures by Vladimir Meier (@PlowSec) insomnihack.ch/confirmed-spea… #INS22 #INSO22 #Talks

Team Bugscale continues #Pwn2Own #AfterDark with a successful exploit of the LAN interface of the NETGEAR R6700 router. They combined an auth bypass and a command injection bug to earn $5,000 and 1 Master of Pwn point. #P2OAustin

Success! The Bugscale team was able to take over a WD My Cloud Pro Series PR4100. They head off to the disclosure 'room' to provide the details of their demonstration. #Pwn2Own #P2OAustin

Coming up next, the Bugscale team targets the Western Digital My Cloud Pro Series PR4100 in the NAS category. #Pwn2Own #P2OAustin

Thanks to @bugscale to be Silver sponsor at BlackAlps BBQ 21! blackalps.ch/ba-21/

Success! The @bugscale team was able to demonstrate their RCE on the Western Digital NAS. They head off to the disclosure room to dish the details.